Risk and Controls Analyst SRE-(WD22038)
Roles & Responsibilities
Collaborate with various stakeholders to maintain the internal controls effectiveness.
Liaise with the Group Audit, Group Legal and Compliance and T&O ORM teams on a regular basis.
Manage all audits, regulatory examinations / inspections, act as an audit focal point for the department. Review the audit findings, propose action plans and verify remedial solutions for closure.
Identify risk / issues proactively and work with the various stakeholders to investigate and determine remediation plans.
Manage and track self-identified, audit, regulator issue till closure
Oversee risk mitigation or information security programs and work with internal stakeholders to review, identify, streamline and implement process improvements.
Work with other Line of Business for consistency and leverage.
Drive and execute risk assessments and perform controls testing ensure their effectiveness;
Perform data analysis or procedure reviews to ensure compliance to the regulatory requirements and bank standards;
Manage department KRIs, risk events and provide periodic Risk and Control metrics and escalate emerging or at-risk issues in a timely manner.
Conduct regular trainings to disseminate policies updates and raise risk awareness.
Basic Minimum Requirements
Minimum a degree in Information Technology, Engineering or related discipline
At least 10 years of working experience in Risk Management within IT.
Experience in IT audit, Cloud Security will be an advantage
Strong Risk mindset
Good understanding of Secure Software Development Life Cycle, Threat and Vulnerabilities Assessment, Agile Methodology and IT General Controls
Good understanding of technology and operational risks, regulatory requirements
Strong communication, interpersonal and written skills
Able to work independently with minimal supervision and with a positive attitude
Willing to learn and take new challenges with an open-mind.